TryHackMe – REloaded (Writeup by Isira Adithya) So, I am Isira Adithya. I am a 16 years old student from Sri Lanka and I do not know lot about Ethical Hacking Stuff. Currently, I still learning about hacking and using Tryhackme to learn more. This is the link of the room -> REloaded So, Let’s […]
Writeups
TryHackMe – VulnNet (Write-up)
Setup 🛠 Read the instructions on the TryHackMe – Vulnnet page. We have to add our the server’s IP Adress to the /etc/hosts as vulnnet.thm. Target Enumeration ❔ Use RustScan to scan the target. You will find that, PORT 22 (SSH) PORT 80 (Web Server) Web Enumeration ❔ Navigating to web interface gives you a […]
Intigriti 0321 – XSS Challenge – Writeup
WHOAMI Hey Everyone! 👋 I am Isira Adithya and I am a 16 years old ethical hacker from Sri Lanka. Recently (21/03/2021), I found out that the Intigriti, Europe’s #1 ethical hacking and bug bounty platform was releasing XSS Challenge. I’ve never participated to these before, but I found some cool write-ups about previous challenges […]
My First Bounty! (Simple Reflected XSS)
My first bug – Reflected XSS I think every hacker gets super excited when he/she found his/her first bug in the wild. Whoami Hey 👋🏽, I am Isira Adithya Ruwanpathirana and I am a 16 years old ethical hacker from Sri-Lanka. My ethical hacking background I don’t have CEH / OSCP or any other thing […]
My Bug Bounty Journey
> Whoami Hi 👋 I am Isira Adithya and I am a 17 years old researcher from Sri-Lanka. Currently, Studying at Bandarawela Central College, Bandarawela. I have a developer background (Javascript, PHP, Python, Dart, etc), When I was 13 I started developing applications in VB.Net. Since, Then I loved developing apps and other stuff like […]
Intigriti 0821 – XSS Challenge Writeup
Intigriti 0821 XSS Challenge by @WHOISbinit Website Overview Let’s take a look at the website and how it works 👀 The main page is using a <iframe> and looks like main page don’t have any details. So, the iframe’s source url is https://challenge-0821.intigriti.io/challenge/cooking.htmlClick Here. Interesting Javascript Libraries/Files In that page’s source we can find 3 […]
Intigriti Tip – Using Burp Match and Replaces Rules
Bypassing Client Side Input Restrictions via Burp Match and Replace Whoami 🧒 Hi Everyone 👋, I am a 17 years old bug hunter and Here is a little tip for bug bounty hunting. A lot of websites use client-side input restrictions to protect against attacks like XSS. But, most of the time I’ve seen that […]
Intigriti 1021 – XSS Challenge Solution/Writeup
Intigriti 1021 – XSS Challenge Writeup > Whoami Hi Everyone 👋, I am Isira Adithya and I am a 17 years old security researcher from Sri Lanka. 🧒 > XSS Challenge As usual, Intigriti released their XSS Challenge this month too. It was created by @0xTib3rius 🙌 This was a cool challenge, and I got […]
Intigirti 1221 XSS Challenge – Writeup
Intigirti 1221 XSS Challenge – Writeup by @isira_adithya As usual, Intigrti released a new challenge by E1u5iv3F0x And, Finally this time I got the first blood on the challenge. Challenge is hosted at https://challenge-1221.intigriti.io/ Website Overview 👨💻 As mentioned in the instructions, We have to pop an alert at https://challenge-1221.intigriti.io/challenge/index.php?payload= I was able to give […]